cohesive_marketplace_middleware 0.1.3 → 0.1.4
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: a34773a0133414482f6c51355c2fed3e3a74c115a5c7029311f93273983444a7
|
4
|
+
data.tar.gz: 13bd370b078dafd52eabb562df66580decd46c69916ff9a315128cc116329847
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: e7882e14c2094dd1dd41d946596451144b6b2508a0e65af24a3e427257f9820217f9e0fd2c11f1474bcf9743012ddcd6ddd6f928d7ca9dbbdc978fb234cde5e8
|
7
|
+
data.tar.gz: 949f6ea4cda78f97492afffe2e17bb49db5274b84f68b4d530d533eba603d9058972a25146e48970d4f95cfbfa4e1c212cd5b6e7f9998f8e45e4c073c4d08021
|
data/CHANGELOG.md
CHANGED
data/Gemfile.lock
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
PATH
|
2
2
|
remote: .
|
3
3
|
specs:
|
4
|
-
cohesive_marketplace_middleware (0.1.
|
4
|
+
cohesive_marketplace_middleware (0.1.4)
|
5
5
|
cohesive_marketplace_sdk (~> 0.1.1, >= 0.1.1)
|
6
6
|
jwt (~> 1.5, >= 1.5.0)
|
7
7
|
|
@@ -44,7 +44,7 @@ GEM
|
|
44
44
|
rubocop-ast (>= 1.24.1, < 2.0)
|
45
45
|
ruby-progressbar (~> 1.7)
|
46
46
|
unicode-display_width (>= 2.4.0, < 3.0)
|
47
|
-
rubocop-ast (1.
|
47
|
+
rubocop-ast (1.27.0)
|
48
48
|
parser (>= 3.2.1.0)
|
49
49
|
rubocop-performance (1.15.2)
|
50
50
|
rubocop (>= 1.7.0, < 2.0)
|
@@ -1,9 +1,10 @@
|
|
1
|
-
require
|
1
|
+
require "cohesive_marketplace_middleware"
|
2
2
|
|
3
3
|
module AuthMiddleware
|
4
4
|
class Railtie < Rails::Railtie
|
5
5
|
initializer "cohesive_marketplace_middleware.configure_rails_initialization" do |app|
|
6
6
|
app.middleware.use AuthMiddleware
|
7
|
+
app.middleware.use CookieAuthMiddleware
|
7
8
|
end
|
8
9
|
end
|
9
10
|
end
|
@@ -3,29 +3,108 @@
|
|
3
3
|
require_relative "cohesive_marketplace_middleware/version"
|
4
4
|
require "cohesive_marketplace_sdk"
|
5
5
|
|
6
|
+
AUTH_DETAILS_ENV_KEY = "auth_details"
|
7
|
+
COHESIVE_MIDDLEWARE_IGNORE_PATH_PREFIX = "COHESIVE_MIDDLEWARE_IGNORE_PATH_PREFIX"
|
8
|
+
COHESIVE_MIDDLEWARE_LOGIN_PATH = "COHESIVE_MIDDLEWARE_LOGIN_PATH"
|
9
|
+
COHESIVE_MIDDLEWARE_LOGIN_PATH_DEFAULT = "/cohesive_login"
|
10
|
+
|
6
11
|
module CohesiveMarketplaceMiddleware
|
7
|
-
|
12
|
+
def getCohesiveAuthDetails(env)
|
13
|
+
env[AUTH_DETAILS_ENV_KEY]
|
14
|
+
end
|
15
|
+
|
16
|
+
def collect_ignore_paths
|
17
|
+
# Get the path prefixes to ignore from an environment variable.
|
18
|
+
ignore_path_prefix_string = ENV[COHESIVE_MIDDLEWARE_IGNORE_PATH_PREFIX]
|
19
|
+
# Split the prefixes into an array.
|
20
|
+
result = ignore_path_prefix_string.split(",")
|
21
|
+
# Output some information for debugging.
|
22
|
+
puts("Cohesive middleware ignoring paths: ", result)
|
23
|
+
result
|
24
|
+
end
|
8
25
|
|
9
26
|
class AuthMiddleware
|
27
|
+
# Initializes a new instance of the middleware.
|
28
|
+
#
|
29
|
+
# @param app [Object] The application object.
|
30
|
+
#
|
31
|
+
# @return [void]
|
10
32
|
def initialize(app)
|
11
33
|
@app = app
|
12
|
-
|
34
|
+
@ignore_paths = collect_ignore_paths
|
13
35
|
end
|
14
36
|
|
15
37
|
def call(env)
|
16
|
-
|
17
|
-
if
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
|
23
|
-
|
38
|
+
# Check if the current path should be ignored.
|
39
|
+
if !(@ignore_paths.any? { |prefix| env["REQUEST_PATH"].start_with?(prefix) })
|
40
|
+
authorization_header = env["HTTP_AUTHORIZATION"]
|
41
|
+
if authorization_header&.start_with?("Bearer ")
|
42
|
+
token = authorization_header.sub("Bearer ", "")
|
43
|
+
begin
|
44
|
+
env[AUTH_DETAILS_ENV_KEY] = CohesiveMarketplaceSDK.validate_jwt token
|
45
|
+
rescue => exception
|
46
|
+
puts exception
|
47
|
+
return [401, {"Content-Type" => "text/plain"}, [exception.message]]
|
48
|
+
end
|
49
|
+
else
|
50
|
+
return [401, {"Content-Type" => "text/plain"}, ["No Token in auth header"]]
|
24
51
|
end
|
25
|
-
|
26
|
-
|
52
|
+
end
|
53
|
+
@app.call(env)
|
54
|
+
end
|
55
|
+
end
|
56
|
+
|
57
|
+
class CookieAuthMiddleware
|
58
|
+
# Initializes a new instance of the middleware.
|
59
|
+
#
|
60
|
+
# @param app [Object] The application object.
|
61
|
+
#
|
62
|
+
# @return [void]
|
63
|
+
def initialize(app)
|
64
|
+
@app = app
|
65
|
+
@ignore_paths = collect_ignore_paths
|
66
|
+
|
67
|
+
# Get the login redirect URI from an environment variable.
|
68
|
+
@redirect_uri = ENV[COHESIVE_MIDDLEWARE_LOGIN_PATH]
|
69
|
+
# Set a default URI if the environment variable is not set.
|
70
|
+
if @redirect_uri == ""
|
71
|
+
@redirect_uri = COHESIVE_MIDDLEWARE_LOGIN_PATH_DEFAULT
|
27
72
|
end
|
28
73
|
|
74
|
+
# Add the login redirect URI to the list of ignored paths.
|
75
|
+
@ignore_paths.append(@redirect_uri)
|
76
|
+
|
77
|
+
# Output some information for debugging.
|
78
|
+
puts("Cohesive middleware login redirect: ", @redirect_uri)
|
79
|
+
end
|
80
|
+
|
81
|
+
# Processes a request and authenticates the user if necessary.
|
82
|
+
#
|
83
|
+
# @param env [Hash] The Rack environment hash.
|
84
|
+
#
|
85
|
+
# @return [Array] A Rack-compatible response triplet.
|
86
|
+
def call(env)
|
87
|
+
# Check if the current path should be ignored.
|
88
|
+
if !(@ignore_paths.any? { |prefix| env["REQUEST_PATH"].start_with?(prefix) })
|
89
|
+
# Create a new request object.
|
90
|
+
request = ActionDispatch::Request.new(env)
|
91
|
+
# Get the authentication token from the cookie.
|
92
|
+
token = request.cookie_jar[:chAppToken]
|
93
|
+
if token
|
94
|
+
begin
|
95
|
+
# Validate the JWT token and store the result in the environment hash.
|
96
|
+
env[AUTH_DETAILS_ENV_KEY] = CohesiveMarketplaceSDK.validate_jwt token
|
97
|
+
rescue => exception
|
98
|
+
# Return a 401 Unauthorized response if the token is invalid.
|
99
|
+
puts exception
|
100
|
+
return [401, {"Content-Type" => "text/plain"}, [exception.message]]
|
101
|
+
end
|
102
|
+
else
|
103
|
+
# Redirect the user to the login page if the token is missing.
|
104
|
+
return [301, {"Location" => "/cohesive_login", "Content-Type" => "text/plain"}, ["token not in cookie"]]
|
105
|
+
end
|
106
|
+
end
|
107
|
+
# Call the next middleware or application in the chain.
|
29
108
|
@app.call(env)
|
30
109
|
end
|
31
110
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: cohesive_marketplace_middleware
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.1.
|
4
|
+
version: 0.1.4
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Chinmay Relkar
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date: 2023-02-
|
11
|
+
date: 2023-02-28 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: jwt
|